<?php
include ("common.php");
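// Dispatch the request to the handler named by the "act" parameter.
// Every handler prints its own JSON response and returns nothing, so $res
// only carries a payload in the default branch.
// NOTE(review): nothing in this dispatcher checks the $_SESSION['useraccount']
// value that login() sets, so every action below, including 'info' (returns
// stored passwords and card numbers) and the update/delete actions, can be
// called without logging in. Decide which actions are admin-only and reject
// unauthenticated requests before dispatching.
// NOTE(review): $_REQUEST also accepts GET parameters, so state-changing
// actions can be selected from a plain link; consider requiring POST plus a
// CSRF token for them.
$action = (isset($_REQUEST['act']) && is_string($_REQUEST['act'])) ? $_REQUEST['act'] : '';
switch($action) {
	case 'login' :
		$res = login();
		break;
	case 'reg' :
		$res = reg();
		break;
	case 'info' :
		$res = getUserInfo();
		break;
	case 'money':
		$res=submitMoney();
		break;
	case 'addNew' :
		$res = addNew();
		break;
	case 'pay':
	    $res=payMoneyOrder();
	    break;
	case 'getNewId' :
		$res = getNewId();
		break;
	case 'upNew' :
		$res = upNew();
		break;
	case 'delNew' :
		$res = delNew();
		break;
	case 'msg' :
		$res = addMessage();
		break;
	case 'getmsg' :
		$res = getMessage();
		break;
	case 'delMsg' :
		$res = delMsg();
		break;

	default :
		$res = array('code' => 0, 'msg' => '未找到相应请求');
		// No code after the switch prints $res, so send the error here;
		// otherwise an unknown or missing action yields an empty body.
		print json_encode($res);
		break;
}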

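/**
 * Build a 16-digit identifier: today's date (Ymd) followed by 8 digits.
 *
 * The 8 digits are the decimal character codes of the last six characters of
 * uniqid(), concatenated and truncated. uniqid() is derived from the clock,
 * so the value is guessable and two calls close together in time can return
 * the same id.
 * NOTE(review): reg() stores this as userid; confirm the column has a unique
 * constraint and that the id is never treated as a secret.
 *
 * @return string
 */
function build_order_no() {
    // uniqid() is 13 hex characters; offset 7 leaves the last six.
    $tail = substr(uniqid(), 7, 13);
    // An empty-string separator replaces NULL, which newer PHP versions deprecate.
    $digits = implode('', array_map('ord', str_split($tail, 1)));
    return date('Ymd').substr($digits, 0, 8);
}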

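/**
 * Check the posted admin credentials and open a session on success.
 *
 * Reads $_POST['useraccount'] and $_POST['userpwd'], looks for a matching
 * usersinfo row with status=100, prints a JSON result and ends the request.
 */
function login() {
	// Missing or non-string fields become '' so they can never match by accident
	// and never reach the escaping call as an array.
	$user_name = (isset($_POST['useraccount']) && is_string($_POST['useraccount'])) ? $_POST['useraccount'] : '';
	$user_password = (isset($_POST['userpwd']) && is_string($_POST['userpwd'])) ? $_POST['userpwd'] : '';
	include ("common.php");
	// Both values are attacker-controlled and sit inside quoted SQL literals;
	// unescaped, a crafted account name changes the WHERE clause and skips the
	// password check. Prepared statements (mysqli/PDO) are the durable fix.
	// NOTE(review): escaping is only reliable if the connection charset is set
	// with mysql_set_charset(); common.php is not visible here, confirm.
	$safe_name = mysql_real_escape_string($user_name);
	$safe_password = mysql_real_escape_string($user_password);
	// NOTE(review): userpwd is compared as stored, i.e. passwords are kept in
	// clear text (reg() inserts them unchanged). Move to password_hash() /
	// password_verify(), and add attempt throttling.
	$sql = "select * from usersinfo where useraccount='$safe_name' and userpwd='$safe_password' and status=100 limit 1";
	$check_user = mysql_query($sql);
	// A failed query returns false; do not hand that to mysql_fetch_array().
	$result = $check_user ? mysql_fetch_array($check_user) : false;
	if ($result) {
		session_start();
		// Issue a new session id at login so a pre-set id cannot be reused.
		session_regenerate_id(true);
		$_SESSION['useraccount']=$user_name;
		exit(json_encode(array('msg' => '登录成功', 'code' => 1, 'data' => null)));
	}
	// Both outcomes end the request, so the trailing mysql_close() of the
	// earlier version could never run and has been dropped.
	exit(json_encode(array('msg' => '登录失败,您不是管理员。', 'code' => 0, 'data' => null)));
}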

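/**
 * Register a new user from the posted form fields.
 *
 * Rejects an account name that already exists in usersinfo, otherwise inserts
 * a row with status 2 and prints a JSON result.
 */
function reg() {
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	include ("common.php");
	// Every field is attacker-controlled and ends up inside a quoted SQL
	// literal, so each one is escaped for that context. Missing or non-string
	// fields are stored as ''. Prepared statements (mysqli/PDO) are the
	// durable fix.
	$in = array();
	foreach (array('useraccount', 'username', 'userpwd', 'userphone', 'userqq', 'moneypwd', 'cardname', 'cardnum') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		$in[$key] = mysql_real_escape_string($raw);
	}
	$check_query = mysql_query("select * from usersinfo where useraccount='{$in['useraccount']}' limit 1");
	if ($check_query && mysql_fetch_array($check_query)) {
		$result = array('msg' => '用户名已存在', 'code' => 0);
		print(json_encode($result));
	} else {
		$uuid=build_order_no();
		// NOTE(review): userpwd and moneypwd are written in clear text and
		// cardnum is stored unprotected. Hash the two passwords with
		// password_hash() and review how card data is stored.
		$sql = "insert into usersinfo(userid,useraccount,username,userpwd,userphone,userqq,moneypwd,cardname,cardnum,retimes,status)  VALUES ('$uuid','{$in['useraccount']}','{$in['username']}','{$in['userpwd']}','{$in['userphone']}','{$in['userqq']}','{$in['moneypwd']}','{$in['cardname']}','{$in['cardnum']}','$showtime',2)";
		if (mysql_query($sql)) {
			print(json_encode(array('msg' => '注册成功', 'code' => 1)));
		} else {
			print(json_encode(array('msg' => '注册失败', 'code' => 0)));
		}
	}

	mysql_close($conn);
}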

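/**
 * Print every user joined with their money rows as JSON.
 *
 * NOTE(review): the response includes userpwd, moneypwd and cardnum for all
 * users and this function performs no session check. Drop the secret columns
 * from the response and require the admin session before running the query.
 */
function getUserInfo() {
	$news_list = "SELECT u.*,m.paymoney,m.paytime,m.submitmoney,m.submitstatus,m.submittime FROM usersinfo u,money m where u.useraccount=m.useraccount";
	$result = mysql_query($news_list);
	$list = array();
	if ($result) {
		while ($row = mysql_fetch_array($result)) {
			$list[] = array('userid'=>$row['userid'],'username' => $row['username'],  'paymoney' => $row['paymoney'],'paytime' => $row['paytime'], 'useraccount' => $row['useraccount'], 'userpwd' => $row['userpwd'],'userphone'=>$row['userphone'],'userqq'=>$row['userqq'], 'submitmoney'=>$row['submitmoney'],'submittime'=>$row['submittime'],'submitstatus'=>$row['submitstatus'], 'moneypwd'=>$row['moneypwd'],'cardname'=>$row['cardname'],'cardnum'=>$row['cardnum'],'retimes'=>$row['retimes']);
		}
		print json_encode(array('msg' => '成功', 'code' => 1, 'data' => $list));
	} else {
		print json_encode(array('msg' => '失败', 'code' => 0, 'data' => array()));
	}

	// $conn is not defined in this function's scope, so passing it raised a
	// notice and a warning after the JSON body. With no argument,
	// mysql_close() closes the most recently opened link.
	mysql_close();
}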

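/**
 * Record a withdrawal request for a user.
 *
 * The caller must supply the account name, withdrawal password, card holder
 * name and card number of an existing usersinfo row. The amount must be a
 * positive number no larger than the balance read from the money table.
 * Prints a JSON result.
 */
function submitMoney(){
	$user_submitmoney = (isset($_POST['submitmoney']) && is_string($_POST['submitmoney'])) ? $_POST['submitmoney'] : '';
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	include ("common.php");
	// Request fields are attacker-controlled and land inside quoted SQL
	// literals; escape each one. Prepared statements (mysqli/PDO) are the
	// durable fix.
	$in = array();
	foreach (array('useraccount', 'moneypwd', 'cardname', 'cardnum') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		$in[$key] = mysql_real_escape_string($raw);
	}
	// Reject non-numeric, zero and negative amounts: a negative value would
	// always pass the balance comparison below.
	if (!is_numeric($user_submitmoney) || (float)$user_submitmoney <= 0) {
		print(json_encode(array('msg' => '提款失败', 'code' => 0)));
		die();
	}
	$safe_amount = mysql_real_escape_string($user_submitmoney);
	$sql = "select * from usersinfo where useraccount='{$in['useraccount']}' and moneypwd='{$in['moneypwd']}' and cardname='{$in['cardname']}' and cardnum='{$in['cardnum']}' limit 1";
	$check_query = mysql_query($sql);
	if ($check_query && mysql_fetch_array($check_query)) {
		$queryMoenySql="select  paymoney from money where useraccount='{$in['useraccount']}'";
		$resultMoney = mysql_query($queryMoenySql);
		// No money row means a zero balance rather than a warning.
		$money = ($resultMoney && mysql_num_rows($resultMoney) > 0) ? mysql_result($resultMoney,0) : 0;
		// NOTE(review): the select has no ORDER BY, so row 0 is whichever row
		// the server returns first, and the insert below never records a
		// reduced balance. Repeated requests appear to pass the same check.
		// Confirm how the balance is meant to be derived, and make the check
		// and the insert one transaction.
		if ((float)$money < (float)$user_submitmoney) {
			print(json_encode(array('msg' => '提款失败,您提取的金额大于你的余额', 'code' => 0)));
			die();
		}

		$upsql="insert into money(paymoney,paytime,submitmoney,submittime,submitstatus,useraccount) VALUES('','','$safe_amount','$showtime',1,'{$in['useraccount']}')";
		if (mysql_query($upsql)) {
			print(json_encode(array('msg' => '提款成功', 'code' => 1)));
		} else{
			print(json_encode(array('msg' => '提款失败', 'code' => 0)));
		}

	}else{
		$result = array('msg' => '您好没有注册,不能提现', 'code' => 0);
		print(json_encode($result));
		die();
	}
	mysql_close($conn);
}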
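/**
 * Record a deposit for a user.
 *
 * Looks the user up by account and display name, adds the posted amount to
 * the balance read from the money table and inserts a new money row with the
 * total. Prints a JSON result.
 *
 * NOTE(review): nothing here ties the credit to an actual payment, and the
 * only identity check is account + display name. Anyone who knows both can
 * credit an account. Gate this on a verified payment callback or an
 * authenticated admin session.
 */
function payMoneyOrder(){
	$user_money = (isset($_POST['paymoney']) && is_string($_POST['paymoney'])) ? $_POST['paymoney'] : '';
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	include ("common.php");
	// Request fields are attacker-controlled and land inside quoted SQL
	// literals; escape each one. Prepared statements (mysqli/PDO) are the
	// durable fix.
	$in = array();
	foreach (array('useraccount', 'username') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		$in[$key] = mysql_real_escape_string($raw);
	}
	// Only a positive number is a valid deposit; a negative one would lower
	// the stored total.
	if (!is_numeric($user_money) || (float)$user_money <= 0) {
		print(json_encode(array('msg' => '充值失败', 'code' => 0)));
		die();
	}
	$sql = "select * from usersinfo where useraccount='{$in['useraccount']}' and username='{$in['username']}'  limit 1";
	$check_query = mysql_query($sql);
	if ($check_query && mysql_fetch_array($check_query)) {
		// Read the user's current balance first; no row counts as zero.
		$queryMoenySql="select  paymoney from money where useraccount='{$in['useraccount']}'";
		$resultMoney = mysql_query($queryMoenySql);
		$money = ($resultMoney && mysql_num_rows($resultMoney) > 0) ? mysql_result($resultMoney,0) : 0;
		// Then add the deposit to it. The total is a float computed here, so
		// it is safe to interpolate.
		$totoalMoney=(float)$user_money+(float)$money;
		$upsql="INSERT INTO money(paymoney,paytime,submitmoney,submittime,submitstatus,useraccount) VALUES('$totoalMoney','$showtime','','',2,'{$in['useraccount']}')";

		if (mysql_query($upsql)) {
			print(json_encode(array('msg' => '充值成功', 'code' => 1)));
		} else{
			print(json_encode(array('msg' => '充值失败', 'code' => 0)));
		}
	}else{
		$result = array('msg' => '您好没有注册,不能充值', 'code' => 0);
		print(json_encode($result));
		die();
	}
	mysql_close($conn);
}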
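/**
 * Insert a news item from the posted title, digest and content and print a
 * JSON result.
 *
 * NOTE(review): the text is stored as sent. If a page later renders it as
 * HTML, encode it on output or restrict who may call this action.
 */
function addNew() {
	// The posted id was read but never used, so it is no longer read.
	// Escape each field for the quoted SQL literal it is placed in; missing
	// or non-string fields become ''. Prepared statements (mysqli/PDO) are
	// the durable fix.
	$in = array();
	foreach (array('title', 'digest', 'content') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		$in[$key] = mysql_real_escape_string($raw);
	}
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	$add_sql = "insert into News(new_title,new_digest,new_content,new_logtime) values('{$in['title']}','{$in['digest']}','{$in['content']}','$showtime')";
	if (mysql_query($add_sql)) {
		print json_encode(array('msg' => '添加成功', 'code' => 1));
	} else {
		print json_encode(array('msg' => '添加失败', 'code' => 0));
	}
}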

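/**
 * Print the news item whose new_id equals the posted id as JSON.
 */
function getNewId() {
	$id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
	// The id is attacker-controlled and sits inside a quoted SQL literal.
	$safe_id = mysql_real_escape_string($id);
	$getId = "SELECT * FROM  News WHERE new_id='$safe_id'";
	$result=mysql_query($getId);
	$row = $result ? mysql_fetch_array($result) : false;
	if ($row) {
		print json_encode(array('msg' => '成功', 'code' => 1,'data'=>array('id'=>$row['new_id'],'title'=>$row['new_title'],'digest'=>$row['new_digest'],'content'=>$row['new_content'],'logtime'=>$row['new_logtime'])));
	} else {
		// Previously an unknown id produced an empty body; answer with the
		// failure shape the other read handlers in this file use.
		print json_encode(array('msg' => '失败', 'code' => 0, 'data' => array()));
	}
	// $conn is not defined in this scope; with no argument mysql_close()
	// closes the most recently opened link.
	mysql_close();
}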

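/**
 * Update the title, digest, content and log time of the news item whose
 * new_id equals the posted id, then print a JSON result.
 */
function upNew(){
	// Escape each field for the quoted SQL literal it is placed in; missing
	// or non-string fields become ''. Prepared statements (mysqli/PDO) are
	// the durable fix.
	$in = array();
	foreach (array('id', 'title', 'digest', 'content') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		$in[$key] = mysql_real_escape_string($raw);
	}
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	$up_sql = "update  News n SET n.new_title='{$in['title']}',n.new_digest='{$in['digest']}',n.new_content='{$in['content']}',new_logtime='$showtime' where n.new_id='{$in['id']}'";
	if (mysql_query($up_sql)) {
		print json_encode(array('msg' => '修改成功', 'code' => 1));
	} else {
		print json_encode(array('msg' => '修改失败', 'code' => 0));
	}

}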
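/**
 * Delete the news item whose new_id equals the posted id and print a JSON
 * result.
 */
function delNew(){
	$id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
	// Unescaped, a crafted id could widen the WHERE clause of this DELETE to
	// every row.
	$safe_id = mysql_real_escape_string($id);
	$delNew="DELETE FROM News WHERE new_id='$safe_id'";
	if (mysql_query($delNew)) {
		print json_encode(array('msg' => '删除成功', 'code' => 1));
	} else {
		print json_encode(array('msg' => '删除失败', 'code' => 0));
	}

	// $conn is not defined in this scope; with no argument mysql_close()
	// closes the most recently opened link.
	mysql_close();
}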

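/**
 * Store a visitor message (name, link, theme, content) and print a JSON
 * result.
 *
 * Each field is HTML-encoded by test_input() and then escaped for SQL. The
 * two steps guard different contexts and neither replaces the other.
 */
function addMessage(){
	$in = array();
	// theme used to bypass test_input(); it is now treated like the other
	// fields.
	foreach (array('name', 'link', 'theme', 'content') as $key) {
		$raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
		// test_input() does not make a value safe inside a quoted SQL
		// literal, so the SQL escaping is applied on top of it.
		$in[$key] = mysql_real_escape_string(test_input($raw));
	}
	// NOTE(review): link is stored without a scheme check; if it is rendered
	// as an href, allow only http/https.
	date_default_timezone_set("Asia/Shanghai");
	$showtime= date('Y-m-d H:i:s',time());
	$msg_sql="insert into Messages(msg_name,msg_link,msg_theme,msg_content,msg_logtime) values('{$in['name']}','{$in['link']}','{$in['theme']}','{$in['content']}','$showtime')";
	if (mysql_query($msg_sql)) {
		print json_encode(array('msg' => '添加成功', 'code' => 1));
	} else {
		print json_encode(array('msg' => '添加失败', 'code' => 0));
	}
	// $conn is not defined in this scope; with no argument mysql_close()
	// closes the most recently opened link.
	mysql_close();
}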
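/**
 * Trim a value, drop backslash escapes and HTML-encode it.
 *
 * This is output encoding for HTML only. It does not make a value safe to
 * place in an SQL statement.
 *
 * @param string $data raw request value
 * @return string HTML-encoded text
 */
function test_input($data)
{
  $data = trim($data);
  $data = stripslashes($data);
  // ENT_QUOTES also encodes single quotes, which older PHP defaults leave
  // untouched. The charset is pinned so the result does not vary by PHP
  // version.
  // NOTE(review): UTF-8 is assumed from the file's own string literals; confirm.
  $data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
  return $data;
}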
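/**
 * Print all rows of Messages, newest first, as JSON.
 */
function getMessage(){
	$msg_list = 'select * from Messages order by msg_logtime DESC';
	$result = mysql_query($msg_list);
	$list = array();
	if ($result) {
		while ($row = mysql_fetch_array($result)) {
			$list[] = array('id'=>$row['msg_id'],'name' => $row['msg_name'], 'link' => $row['msg_link'], 'theme' => $row['msg_theme'],'content'=>$row['msg_content'],'logtime'=>$row['msg_logtime']);
		}
		print json_encode(array('msg' => '成功', 'code' => 1, 'data' => $list));
	} else {
		print json_encode(array('msg' => '失败', 'code' => 0, 'data' => array()));
	}
	// $conn is not defined in this function's scope, so passing it raised a
	// notice and a warning after the JSON body. With no argument,
	// mysql_close() closes the most recently opened link.
	mysql_close();
}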

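/**
 * Delete the message whose msg_id equals the posted id and print a JSON
 * result.
 */
function delMsg(){
	$id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
	// Unescaped, a crafted id could widen the WHERE clause of this DELETE to
	// every row.
	$safe_id = mysql_real_escape_string($id);
	$delMsg="DELETE FROM Messages WHERE msg_id='$safe_id'";
	if (mysql_query($delMsg)) {
		print json_encode(array('msg' => '删除成功', 'code' => 1));
	} else {
		print json_encode(array('msg' => '删除失败', 'code' => 0));
	}
	// $conn is not defined in this scope; with no argument mysql_close()
	// closes the most recently opened link.
	mysql_close();
}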

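/**
 * Return a brace-wrapped, upper-case identifier shaped like
 * {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}.
 *
 * Uses com_create_guid() where it exists. Otherwise the 32 hex digits come
 * from the strongest random source available at runtime.
 *
 * @return string
 */
function guid(){
    if (function_exists('com_create_guid')){
        return com_create_guid();
    }
    // The earlier mt_srand(microtime) call is gone: it reseeded the shared
    // generator from the clock, which makes its output easier to predict,
    // and this function reads rand(), not mt_rand().
    if (function_exists('random_bytes')) {
        $charid = strtoupper(bin2hex(random_bytes(16)));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $charid = strtoupper(bin2hex(openssl_random_pseudo_bytes(16)));
    } else {
        // Last resort, time-based and guessable: do not use the result as a secret.
        $charid = strtoupper(md5(uniqid(rand(), true)));
    }
    $hyphen = chr(45);// "-"
    $uuid = chr(123)// "{"
            .substr($charid, 0, 8).$hyphen
            .substr($charid, 8, 4).$hyphen
            .substr($charid,12, 4).$hyphen
            .substr($charid,16, 4).$hyphen
            .substr($charid,20,12)
            .chr(125);// "}"
    return $uuid;
}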

?>
